Important: This tutorial assume you already has installed and know how to use, aws cli, kubectl and eksctl
eksctl create cluster --region us-west-1 --name express-api --version 1.25 --fargate
Note: This command create a stack in cloudformation
eksctl utils associate-iam-oidc-provider --region us-west-1 --cluster express-api --approve
curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.4/docs/install/iam_policy.json
aws iam create-policy \
--policy-name AWSLoadBalancerControllerIAMPolicy \
--policy-document file://iam_policy.json
5. To create a service account named aws-load-balancer-controller in the kube-system namespace for the AWS Load Balancer Controller, run the following command:
eksctl create iamserviceaccount \
--cluster=express-api \
--namespace=kube-system \
--name=aws-load-balancer-controller \
--attach-policy-arn=arn:aws:iam::{org-id}:policy/AWSLoadBalancerControllerIAMPolicy \
--override-existing-serviceaccounts \
--approve \
--region us-west-1
Note: This command create a stack in cloudformation
eksctl get iamserviceaccount --region us-west-1 --cluster express-api --name aws-load-balancer-controller --namespace kube-system
#or
kubectl get serviceaccount aws-load-balancer-controller --namespace kube-system
helm repo add eks https://aws.github.io/eks-charts
kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master"
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
--set clusterName=express-api \
--set serviceAccount.create=false \
--set region=us-west-1 \
--set vpcId={vpc-id} \
--set serviceAccount.name=aws-load-balancer-controller \
-n kube-system
eksctl create fargateprofile --cluster express-api --region us-west-1 --name express-api-profile --namespace express-api-namespace
kubectl apply -f express-api-alb.yml
Note: If you want https on your load balancer, you need to create it before in the same region when you are deployed your cluster (us-west-1 for this example), then pass the certificate arn in the file.yml
kubectl get ingress/express-api-ingress -n express-api-namespace
#or
kubectl get ingresses.networking.k8s.io express-api-ingress -n express-api-namespace
Output:
NAME CLASS HOSTS ADDRESS PORTS AGE
express-api-ingress alb * k8s-expressa-expressa-xxxxxxxxxx-xxxxxxxx.us-west-2.elb.amazonaws.com 80 12m
Note: If your Ingress isn't created after several minutes, view the AWS Load Balancer Controller logs by running the following command:
kubectl logs -n kube-system deployment.apps/aws-load-balancer-controller
Note: Remember create an A record in route 53 or your domain admin point to load balancer
kubectl scale deployments express-api-deployment --replicas=3 -n express-api-namespace
https://repost.aws/knowledge-center/eks-alb-ingress-controller-fargate
eksctl delete cluster --region us-west-1 --name express-api